We help IT Professionals succeed at work.

Citrix Web Access behind ISA


In the past, when I published OWA, behind ISA so it can be accessed from the public network, I have to export the Exchange certificate and import into ISA, then create the necessary rules to allow internet traffic to pass ISA into Exchange to access OWA.

I have installed a the trial XenApp 5, thus far is working ok inside the LAN. Know, I want to extend its capability beyond the LAN border hence I need to be able to access it from the public network.

So first, I need to enable Citrix HTTPS to test it inside LAN to ensure I can access within the bonder of my private network?
Then, I need to configure ISA so that Citrix Web Access is possible from the public network.

I'm new to Citrix so appreciate if you share some guidance on how to achieve this behind ISA firewall.
Watch Question

Network Administrator, Network Consultant
Top Expert 2011


To be able to encapsulate all the XenApp traffic on HTTPS, you need to use Secure Gateway. Other wise you need to open the following ports from the outside to the XenApp Server

*80 Web Interface
*1494 ICA
*2598 Session Reliability

When you use Secure Gateway, this encapsulate all the traffic on Https and you bind this to a Security Certificate. Tried to use a Public cert. if you don't want to install a root cert on each machine that connects to the server.

Use the following tutorial to install secure gateway